REMARKS 

This paper is submitted in reply to the Office Action dated March 22, 2007, within 
the three-month period for response. Reconsideration and allowance of all pending claims 
are respectfully requested. 

In the subject Office Action, claims 29 and 30 were rejected under 35 U.S.C. § 101. 
Additionally, claims 1-3, 6-9, 14-16, 19-22 and 27-30 were rejected under 
35 U.S.C. § 102(b) as being anticipated by U.S. Patent No. 5,713,018 to Chan. 
Furthermore, claims 4-5, 10-13, 17-18 and 23-26 were rejected under 35 U.S.C. § 103(a) as 
being unpatentable over Chan. 

Applicants respectfully traverse the Examiner's rejections to the extent that they are 
maintained. Applicants have canceled claims 12, 25 and 30, and amended claims 1, 3, 13, 
16, 26 and 29. Applicants respectfully submit that no new matter is being added by the 
above amendments, as the amendments are fully supported in the specification, drawings 
and claims as originally filed. Applicants also note that the amendments made herein are 
being made only for facilitating expeditious prosecution of the aforementioned claimed 
subject matter. Applicants are not conceding in this application that the originally-claimed 
subject matter is not patentable over the art cited by the Examiner, and Applicants 
respectfully reserve the right to pursue this and other subject matter in one or more 
continuation and/or divisional patent applications. 

Now turning to the subject Office Action, and specifically with regard to the §101 
rejections, the Examiner will note that Applicants have amended claim 29 to recite that the 
program code is configured to perform the recited steps "upon execution," and that the 
computer readable signal bearing medium is "recordable." Claim 30 has also been 
canceled without prejudice. As discussed at page 9, lines 16-20 of the specification, a 
"recordable medium" is distinguished from a "transmission medium," and thus specifically 
excludes signals. Applicants respectfully submit that the amendments place claim 29 in a 
form that is considered statutory by the Office's current guidelines. Withdrawal of the 
§101 rejections is therefore respectfully requested. 

Now turning to the art-based rejections, and specifically to the rejection of 
independent claim 1, this claim generally recites a method of executing a query in a 
database management system. The method comprises receiving an SQL statement from an 
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application program coupled to the database management system; executing the SQL 
statement; encrypting the SQL statement to generate an encrypted representation of the 
SQL statement; and logging execution of the SQL statement in a database monitor by 
storing the encrypted representation of the SQL statement in an execution log managed by 
the database monitor. The claim has also been amended to additionally recite the step of: 

displaying the execution log, including retrieving the 
encrypted representation of the SQL statement from the 
execution log, decrypting the encrypted representation of 
the SQL statement to generate an unencrypted 
representation of the SQL statement, and displaying the 
unencrypted representation of the SQL statement. 

Support for this amendment may be found, for example, at page 12, lines 3-17 of the 
Application as originally filed. 

In rejecting claim 1, the Examiner relies solely on Chan, and in particular, col. 1, 
lines 65-67, col. 2, lines 48-67, col. 3, lines 1 1-60 and col. 4 lines 35-60. Chan, however, 
does not disclose any database monitor or execution log, much less a database monitor or 
execution log that encrypts any information stored therein. 

A database monitor is a well known program used in a database management 
system to log the execution details of the system in an execution log, and is often used to 
optimize the system and/or the queries processed by the system. As discussed, for 
example, at page 3 of the Application, it has been found that in some instances, some of the 
execution details logged in an execution log by a database monitor may contain 
confidential information that a party may not wish to have accessible by others. For 
example, some execution details such as the values passed to parameter markers or host 
variables during execution of a query may include confidential information such as 
employee social security numbers, salary information, etc. In addition, query statements 
such as SQL statements may be confidential to an application developer, and a developer 
may prefer to keep those statements from being viewed by customers or competitors. 
Conventional database monitors, however, typically log all execution details for an 
executed query execution in an execution log, without regard to the type of execution 
detail. Consequently, if database monitoring is enabled, the potential exists that 
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confidential information could be logged in a database monitor execution log and accessed 
by unauthorized parties. 

The invention recited in claim 1, addresses this problem in part by encrypting a 
SQL statement that is being processed by a database management system such that an 
encrypted representation of that SQL statement is logged in the database monitor. 
Subsequently, whenever the database monitor is accessed to display all or a portion of the 
execution log, the SQL statement must be decrypted prior to being displayed. As a result, 
only parties authorized to decrypt the SQL statement will be able to view an unencrypted 
representation of the SQL statement when the execution log is displayed. Unauthorized 
parties, e.g., parties not having the appropriate decryption key, will not be able to view the 
unencrypted representation of the SQL statement. 

Chan lacks any disclosure of encrypting an SQL statement and storing the 
encrypted SQL statement in an execution log of a database monitor. In fact, neither the 
term "log" nor the term "monitor" is even found in the reference. The passages cited by 
the Examiner merely disclose encrypting SQL statements passed by clients to a database 
management system as a mechanism for allowing only trusted clients to access certain 
types of SQL statements (e.g., untrusted clients may only be able to issue read-type SQL 
statements, but trusted clients may be permitted to issue write-type SQL statements to 
enable only trusted clients to modify the contents of the database, see col. 1, lines 14-24). 

In fact, Chan does not even disclose any encryption mechanism in a database 
server. Rather, clients are required to encrypt SQL statements, while a decryption engine 
in the server is used to decrypt those statements. Even if a conventional monitor is used in 
the Chan system (though no monitor is actually disclosed), there is no disclosure of any 
encryption engine within the Chan server that could encrypt SQL statements before they 
were stored in an encryption log. Of note, the cited passages at col. 3, lines 35-60 and col. 
4, lines 50-60 refer to encryption operations performed in clients rather than any server in 
which a database monitor could be implemented. 

As noted above, claim 1 also now recites the display of the execution log, along 
with the retrieval, decryption and display of an unencrypted representation of an SQL 
statement that has been encrypted and stored in the execution log. Chan has no disclosure 
whatsoever relevant to this concept. In fact, the Examiner is required to rely on official 
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notice in rejecting claims 12 and 25 (which recite decryption in connection with displaying 
an execution log), stating: 

displaying computer data was well known to those of 
ordinary skill in the art at the time of the invention. For 
example, such logs are often generated as reports to serve 
administrators who seek to maintain the system. (Office 
Action, page 11). 

The Examiner's reliance on official notice in this instance, however, is insufficient 
to establish anticipation of claim 1. While the display of an execution log from a database 
monitor may be well known, there is no evidence on the record that establishes the 
conventionality of either storing execution details such as SQL statements in an execution 
log in an encrypted format, or decrypting execution details such as SQL statements in 
connection with displaying those execution details along with an execution log. 

Applicants respectfully submit Chan does not disclose either the encryption of SQL 
statements that are stored in an execution log of a database monitor, or the decryption of 
such statements in association with displaying an execution log. As such, claim 1 is novel 
over Chan, and the rejection should be withdrawn. In addition, there is no suggestion in 
the art to modify Chan to incorporate any such functionality. Given the unique and 
unexpected advantage of protecting potentially confidential execution details from being 
accessed via a database monitor, Applicants submit that claim 1 is also non-obvious over 
Chan. Reconsideration and allowance of independent claim 1, and of claim 2 which 
depends therefrom, are therefore respectfully requested. 

Next with regard to the rejection of independent claim 3, this claim generally 
recites a method of logging query execution in a database management system. The claim 
has been amended to incorporate the subject matter of claim 12, and now recites generating 
an encrypted representation of an execution detail for a query executed by the database 
management system, logging the execution detail for the query in an execution log for the 
database management system by storing the encrypted representation thereof in the 
execution log, and decrypting the execution detail in association with displaying the 
execution log. Claim 12 has been canceled, and claim 13 has been amended, in connection 
with the amendment to claim 3. 
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Claim 12 is rejected as being obvious over Chan. As discussed above in connection 
with claim 1, however, Chan does not disclose or suggest the encryption of SQL statements 
or other execution details and the storage of same in an encrypted representation in an 
execution log. Chan also does not disclose or suggest decrypting an execution detail in 
association with displaying an execution log. 

The Examiner cites col. 3, lines 10-60 and col. 4, lines 50-60, in rejecting claim 3. 
As noted above in connection with claim 1, however, these passages merely disclose 
functionality disposed in a client that encrypts a SQL statement prior to transmitting that 
statement to a database management system. Neither passage discloses or suggests 
encrypting an execution detail and storing that execution detail in an execution log in an 
encrypted representation. 

In addition, in rejecting claim 12, the Examiner cites col. 4, lines 15-25 for 
allegedly disclosing decrypting an execution detail in association with displaying an 
execution log. However, the cited passage only refers to the decryption of an SQL 
statement by a database management system in connection with executing the statement. 
Again, no discussion is provided of a database monitor or execution log, and certainly no 
suggestion is provided for decrypting an SQL statement in connection with displaying any 
execution log. Furthermore, as discussed above in connection with claim 1, the 
Examiner's reliance on official notice addresses only the concept of displaying an 
execution log from a database monitor. The fact that the display of an execution log may 
be known falls far short of disclosing or suggesting to one of ordinary skill in the art the 
concept of decrypting an execution detail in association with displaying an execution log. 

Applicants therefore respectfully submit that the Examiner has failed to establish a 
prima facie case of obviousness as to claim 3. Reconsideration and allowance of claim 3, 
and of claims 4-11 and 13-15 which depend therefrom, are therefore respectfully requested. 

Next, with respect to independent claims 16 and 29, each of these claims has been 
amended to incorporate the subject matter of claim 25, and claim 25 has been canceled, 
and claim 26 amended, for consistency with these amendments. Claims 16 and 29 recite, 
similar to amended claim 3, generating an encrypted representation of an execution detail 
for a query executed by the database management system, logging the execution detail for 
the query in the execution log by storing the encrypted representation thereof in the 
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execution log, and decrypting the execution detail in association with displaying the 
execution log. As discussed above in connection with claim 3, this combination of features 
is not disclosed or suggested by Chan. Accordingly, claims 16 and 29 are non-obvious 
over Chan, and the rejection should be withdrawn. Reconsideration and allowance of 
independent claims 16 and 29, and of claims 17-24 and 26-28 which depend therefrom, are 
therefore respectfully requested. 

As a final matter, Applicants traverse the Examiner's rejections of the dependent 
claims based upon their dependency on the aforementioned independent claims. 
Nonetheless, Applicants do note that a number of these claims recite additional features 
that further distinguish these claims from the references cited by the Examiner. However, 
in the interest of prosecutorial economy, these claims will not be addressed separately 
herein. 

In summary, Applicants respectfully submit that all pending claims are novel and 
non-obvious over the prior art of record. Reconsideration and allowance of all pending 
claims are therefore respectfully requested. If the Examiner has any questions regarding 
the foregoing, or which might otherwise further this case onto allowance, the Examiner 
may contact the undersigned at (513) 241-2324. Moreover, if any other charges or credits 
are necessary to complete this communication, please apply them to Deposit Account 
23 3000. 

Respectfully submitted, 



/Scott A. Stinebruner/ 

Scott A. Stinebruner 
Reg. No. 38,323 

WOOD, HERRON & EVANS, L.L.P. 
2700 Carew Tower 
441 Vine Street 
Cincinnati, Ohio 45202 
Telephone: (513)241-2324 
Facsimile: (513)241-6234 
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